From 806c1b3e51d29723c6801187f95818c6c61df8b0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bastian=20M=C3=A4user?= <bma@fan-internet.de>
Date: Fri, 10 Feb 2023 11:28:29 +0100
Subject: [PATCH] Accomodate for InfluxData Key rotation

---
 roles/influxdb/tasks/main.yml | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/roles/influxdb/tasks/main.yml b/roles/influxdb/tasks/main.yml
index 8814d78..92dd012 100644
--- a/roles/influxdb/tasks/main.yml
+++ b/roles/influxdb/tasks/main.yml
@@ -1,10 +1,23 @@
 ---
 
-- name: Enable influxdb apt-key
-  apt_key: url="https://repos.influxdata.com/influxdb.key"
+- name: Import Influxdb GPG siging key with store
+  ansible.builtin.get_url:
+    url: "https://repos.influxdata.com/influxdata-archive_compat.key"
+    dest: /etc/apt/trusted.gpg.d/influxdb.key
+    checksum: "sha256:393e8779c89ac8d958f81f942f9ad7fb82a25e133faddaf92e15b16e6ac9ce4c"
 
-- name: Enable influxdb repository
-  apt_repository: repo="deb https://repos.influxdata.com/debian {{ ansible_distribution_release }} stable"
+- name: Convert key
+  ansible.builtin.command:
+    argv:
+      - gpg
+      - --dearmor
+      - /etc/apt/trusted.gpg.d/influxdb.key
+    creates: /etc/apt/trusted.gpg.d/influxdb.key.gpg
+
+- name: Enable InfluxDB repository
+  ansible.builtin.apt_repository:
+    repo: 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdb.key.gpg] https://repos.influxdata.com/debian stable main'
+    state: present
 
 - name: Install influxdb
   apt: name=influxdb